This lesson covers how to restrict access to parts of a Web site based on the identity of the user or information about the request, such as the originating IP address. You will learn how to change the configuration of the server to protect your content and how to use user and group management tools.

This chapter is from the book

This hour explains how to restrict access to parts of a Web site based on the
identity of the user or on information about the request.

In this hour, you will learn

How to restrict access based on the user, client IP address, domain name,
and browser version

How to enable and configure Apache authentication modules

How to use the user management tools provided with Apache

Authentication

Authorization and authentication are common requirements for many Web sites.
Authentication establishes the identity of parties in a communication. You can
authenticate yourself by something you know (a password, a cookie), something
you have (an ID card, a key), something you are (your fingerprint, your retina),
or a combination of these elements. In the context of the Web, authentication is
usually restricted to the use of passwords and certificates. Certificates are
explained in Hour 17, "Setting Up a Secure Server."

Authorization deals with protecting access to resources. You can authorize
based on several factors, such as the IP address the user is coming from, the
user's browser, the content the user is trying to access, or who the user
is (which is previously determined via authentication).

Apache includes several modules that provide authentication and access
control and that can be used to protect both dynamic and static content.

You can either use one of these modules or implement your own access control
at the application level and provide customized login screens, single sign-on,
and other advanced functionality. Those topics are application- and development
language-specific and are not covered in this book, which only deals with
authentication and authorization at the Web server level.
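
The split between authentication and authorization described above, shown as an added configuration example that is not taken from the book. It assumes Apache 2.4 directive syntax; the directory path, password file location, realm name, address range and User-Agent pattern are placeholders.

```apache
# Added example (Apache 2.4 syntax). All paths, names and patterns are
# placeholders chosen for illustration.

# Tag requests by browser (mod_setenvif). The User-Agent header is supplied
# by the client, so this is a convenience filter, not a security boundary.
SetEnvIfNoCase User-Agent "ExampleBot" blocked_agent

<Directory "/var/www/html/private">
    # --- Authentication: establish who the user is ---
    # (mod_auth_basic + mod_authn_file). Basic credentials are only
    # base64-encoded on the wire, so serve this directory over TLS.
    AuthType Basic
    AuthName "Restricted Area"
    AuthBasicProvider file
    # Keep the password file outside the document root.
    # Create it with: htpasswd -c -B /etc/apache2/passwords alice
    AuthUserFile "/etc/apache2/passwords"

    # --- Authorization: decide whether the request may proceed ---
    # Every condition inside <RequireAll> must hold.
    <RequireAll>
        # Who the user is: any account that authenticated successfully.
        Require valid-user
        # Where the request comes from (192.0.2.0/24 is a documentation range).
        Require ip 192.0.2.0/24
        # Which browser: refuse requests tagged by SetEnvIfNoCase above.
        Require not env blocked_agent
    </RequireAll>
</Directory>
```

Changing `<RequireAll>` to `<RequireAny>` (and dropping the negated line, which cannot grant access on its own) would instead admit a request that satisfies either the user check or the address check.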